CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 9 : firefox-91.9.1-1.el9.ML.1 (AXSA:2022-4012:30)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-4012:30 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

MiracleLinux 7 : firefox-91.9.1-1.0.1.el7.AXS7 (AXSA:2022-3195:12)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3195:12 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

Tenable Nessus•added 2026/01/20 12:0 a.m.•2 views

MiracleLinux 8 : firefox-91.9.1-1.el8.ML.2 (AXSA:2022-3726:17)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3726:17 advisory. Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution CVE-2022-1529 Mozilla: Prototype pollution in Top-Level...

Tenable Nessus•added 2024/10/09 12:0 a.m.•29 views

CentOS 7 : firefox (RHSA-2022:4729)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4729 advisory. - An attacker could have sent a message to the parent process where the contents were used to double-index into a JavaScript object, leading to prototy...

8.8CVSS9.1AI score0.67932EPSS

OSV•added 2024/04/12 11:7 a.m.•2 views

OESA-2024-1369 firefox security update

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions. Security Fixes: If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have...

OSV•added 2022/12/22 8:15 p.m.•11 views

CVE-2022-1802

If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of attacker-controlled JavaScript code in a privileged context. This vulnerability affects Firefox ESR 91.9.1, Firefox 100.0.2, Firefox for Android 100.3.0,...

8.8CVSS7.9AI score

CVE•added 2022/12/22 12:0 a.m.•581 views

CVE-2022-1802

CVE-2022-1802 involves prototype pollution in JavaScript arrays, enabling attacker-controlled code execution in a privileged context when methods of an Array object can be corrupted. Affected software includes Mozilla Firefox ESR < 91.9.1, Firefox < 100.0.2, Firefox for Android < 100.3.0...

8.8CVSS8AI score0.67932EPSS

Exploits0References2Affected Software3

Debian CVE•added 2022/12/22 12:0 a.m.•48 views

CVE-2022-1802

8.8CVSS8.8AI score0.67932EPSS

Exploits0

Vulnrichment•added 2022/12/22 12:0 a.m.•8 views

CVE-2022-1802

8AI score0.67932EPSS

AlpineLinux•added 2022/12/22 12:0 a.m.•49 views

CVE-2022-1802

8.8CVSS8.2AI score0.67932EPSS

Exploits0

Tenable Nessus•added 2022/11/16 12:0 a.m.•29 views

AlmaLinux 9 : thunderbird (ALSA-2022:4772)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:4772 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

8.8CVSS8.8AI score0.67932EPSS

Tenable Nessus•added 2022/09/08 12:0 a.m.•40 views

RHEL 9 : firefox (RHSA-2022:4765)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4765 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8CVSS8.9AI score0.67932EPSS

Exploits0References7

VulnCheck KEV•added 2022/08/15 12:0 a.m.•1 views

VulnCheck KEV: CVE-2022-1802

8.8CVSS7.6AI score0.67932EPSS

Exploits0References1

Tenable Nessus•added 2022/07/08 12:0 a.m.•39 views

Rocky Linux 8 : firefox (RLSA-2022:4776)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2022:4776 advisory. - If an attacker was able to corrupt the methods of an Array object in JavaScript via prototype pollution, they could have achieved execution of...

8.8CVSS9.1AI score0.67932EPSS

Exploits0References5

OpenVAS•added 2022/07/07 12:0 a.m.•24 views

Mozilla Firefox ESR Security Advisory (MFSA2022-19) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

8.8CVSS9.5AI score0.67932EPSS

Exploits0References1

Tenable Nessus•added 2022/06/14 12:0 a.m.•54 views

SUSE SLED15 / SLES15 Security Update : MozillaThunderbird (SUSE-SU-2022:2062-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2062-1 advisory. - An attacker could have sent a message to the parent process where the contents were used to double-index int...

9.8CVSS8.6AI score0.67932EPSS

Exploits0References25

OpenVAS•added 2022/06/14 12:0 a.m.•19 views

openSUSE: Security Advisory for MozillaThunderbird (SUSE-SU-2022:2062-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS8.4AI score0.67932EPSS

OpenVAS•added 2022/06/14 12:0 a.m.•22 views

SUSE: Security Advisory (SUSE-SU-2022:2062-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.2AI score0.67932EPSS